Coralogix supports the SCIM specification (System for Cross-Domain Identity Management), an open standard that allows you to automate user and group provisioning using a REST API.
SCIM lets you create users and groups in Coralogix and give them the proper level of access, as well as to remove access for users (de-provisioning) should they leave your organization or no longer need it.
If you have already added users to your Coralogix account, delete them before undertaking this integration. If necessary, you may leave one admin user.
Upon completion of the SCIM integration, recreate all users through SCIM.
Integrating Okta with Coralogix
Create Users: New or existing users in Okta will be pushed to Coralogix as new users.
Update User Attributes: Updates to user profiles in Okta (firstname, lastname, username) will be updated in Coralogix.
Deactivate Users: Users deactivated in Okta will be deactivated in Coralogix. They won’t be able to log in using their team in Coralogix. If a user is reactivated, they will regain access to Coralogix and keep all previously specified access controls.
Sync Okta Groups to Coralogix: An Okta group can be synced to Coralogix with all it users, moving a user between groups in Okta that are configured in Coralogix will move the user to another team.
SCIM Server Authentication: To ensure that accounts can’t be created by unauthorized users, Coralogix uses a Bearer Token authentication.
Select Supported provisioning actions as displayed on the screenshot below In Authentication Mode select HTTP Header and paste the Provisioning Token that was generated in Coralogix under HTTP Header – Authorization
Connection is completed.
Step 3: Assign Users or Groups to the Coralogix in Okta
In order to sync a group to Coralogix you will need to add the group under Assignments tab by clicking Assign to Group.
After assigning a group to the app, the group should be pushed to Coralogix by going to “Push Groups” tab and searching the group, after successfully pushing the group it will appear with green color as active
Checking the Groups in Coralogix, the new group (SCIM Test) should be visible in the list together with the existing groups.
Roles & Scope
Roles and Scope should be edited in Coralogix side under Groups per the relevant Okta group. Sync using Okta cannot be supported as a custom attributes on groups sync via Push process is not implemented on Okta’s side.
For more information on how to assign Roles and Scope – look here.
Integrating OneLogin with Coralogix
Create Users: New or existing users in OneLogin will be pushed to Coralogix as new users.
Update User Attributes: Updates to user profiles in OneLogin (firstname, lastname, username) will be updated in Coralogix.
Deactivate Users: Users deactivated in OneLogin will be deactivated in Coralogix. They won’t be able to log in using their team in Coralogix. If a user is reactivated, they will regain access to Coralogix and keep all previously specified access controls.
Use SCIM Provisioner with SAML (SCIM v2 Core)from the Find Applications.
STEP 2. Input the relevant Application and API Connection details.
STEP 3. Identify the Identity Provider Metadata by navigating to SSO > Issuer URL.
STEP 4. To use OneLogin roles as an group, add a rule to the app.
STEP 5. Enable automatic provisioning.
STEP 6. Validate configuration for testing your SAML SSO login. To do so, input the SCIM endpoint associated with your Coralogix domain.
Integrating Azure Active Directory with Coralogix
This integration will push Azure Active Directory Users and Groups to Coralogix every 40 minutes. A Coralogix admin user needs to assign roles to the Groups on the Coralogix UI. Or assign roles to a Group using the integration.
Create Groups (supported attributes are: displayName, objectId, members)